From b0e03ebf8e23db1c52b6c530328cf44f8accbd91 Mon Sep 17 00:00:00 2001 From: brettp Date: Tue, 15 Mar 2011 05:26:43 +0000 Subject: Refs #2538. Loading js/configuration.js again. Only updating tokens on success and showing a basic warning if refresh fails. git-svn-id: http://code.elgg.org/elgg/trunk@8719 36083f99-b078-4883-b0ff-0f9b5a30f544 --- js/lib/security.js | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'js/lib/security.js') diff --git a/js/lib/security.js b/js/lib/security.js index f88c6165d..fa0a6f7ef 100644 --- a/js/lib/security.js +++ b/js/lib/security.js @@ -5,13 +5,15 @@ elgg.provide('elgg.security'); elgg.security.token = {}; +elgg.security.tokenRefreshFailed = false; + /** * Sets the currently active security token and updates all forms and links on the current page. * * @param {Object} json The json representation of a token containing __elgg_ts and __elgg_token * @return {Void} */ -elgg.security.setToken = function(json) { +elgg.security.setToken = function(json) { //update the convenience object elgg.security.token = json; @@ -34,6 +36,24 @@ elgg.security.setToken = function(json) { */ elgg.security.refreshToken = function() { elgg.action('security/refreshtoken', function(data) { + + // @todo might want to move this to setToken() once http://trac.elgg.org/ticket/3127 + // is implemented. It's here right now to avoid soggy code. + if (!data || !(data.output.__elgg_ts && data.output.__elgg_token)) { + elgg.register_error(elgg.echo('js:security:token_refresh_failed', [elgg.get_site_url()])); + elgg.security.tokenRefreshFailed = true; + + // don't setToken because we refresh every 5 minutes and tokens are good for 1 + // hour by default + return; + } + + // if had problems last time, let them know it's working now + if (elgg.security.tokenRefreshFailed) { + elgg.system_message(elgg.echo('js:security:token_refreshed', [elgg.get_site_url()])); + elgg.security.tokenRefreshFailed = false; + } + elgg.security.setToken(data.output); }); }; -- cgit v1.2.3